Over 1 million tech questions and answers.

Security Alert: CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability this May 14, 2019?

Q: Security Alert: CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability this May 14, 2019?

Hi, Guys.

Do you know about the Microsoft Release for CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability this May 14, 2019?

Are the security updates for this considered emergency and out-of-band? Please advise.

Thank you.

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Security Alert: CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability this May 14, 2019?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 195.6

Details to Reproduce


Our SP versions are given below ? SP 2010: Running on SP2 and Apr 2017 CU (KB3191846) Version: 14.0.7180.5001


SP 2013: Running on SP1 and Oct 2018 CU (KB4461458) Version: 15.0.5075.1000

Summary: Markus Wulftange from Trend Micro's Zero Day Initiative has found a Remote Code Execution Vulnerability on Microsoft SharePoint Server CVE-2019-0604


Vulnerability Name : Microsoft SharePoint Remote Code Execution Vulnerability CVE Number : CVE-2019-0604 Attack Type : Remote Code Execution Vulnerability Attack vector
: Network Attack Complexity : Low Confidentiality Impact : High Integrity Impact : High Availability Impact : High Xforce score : 9.8

Description ? When software fails to check the source markup of an application package. ? An attacker who successfully exploited the vulnerability could run arbitrary code
in the context of the SharePoint application pool and the SharePoint server farm account. ? Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected versions of SharePoint. ? The security
update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.

Detailed analysis ? MS Released a patch on February, The original patch only addressed the Microsoft.SharePoint.BusinessData.Infrastructure.EntityInstanceIdEncoder in Microsoft.SharePoint.dll
but not the Microsoft.Office.Server.ApplicationRe... Read more

Read other answers
RELEVANCY SCORE 154

Hello, 
We use an internal WSUS server to deploy MS Updates to our servers and workstations. 
I am looking at this link and trying to identify the KB number and make sure our WSUS server has downloaded that KB to deliver. 
Does anyone know the KB this link is referring to?
https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/
Many thanks. 

Read other answers
RELEVANCY SCORE 145.6

Hiya

The Remote Installation Service enables a TFTP service on the server which by default could allow an anonymous user to potentially overwrite existing operating system files or upload a specially crafted file. This could allow an attacker to compromise operating system installs offered by the RIS server.

Affected Software:

• Microsoft Windows 2000 Service Pack 4

http://www.microsoft.com/technet/security/bulletin/ms06-077.mspx

Regards

eddie
 

Read other answers
RELEVANCY SCORE 133.6

Hiya

This one has two vulnerabilities:

A privilege elevation vulnerability exists in the way that the affected operating systems and programs access memory when they process COM structured storage files. This vulnerability could allow a logged on user to take complete control of the system
A remote code execution vulnerability exists in OLE because of the way that it handles input validation. An attacker could exploit the vulnerability by constructing a malicious document that could potentially allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability on Windows 2000, Windows XP, and Windows Server 2003.

Affected Software:

• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows Server 2003
• Microsoft Windows Server 2003 for Itanium-based Systems
• Microsoft Exchange 2000 Server Service Pack 3 (uses the Windows OLE component)
• Microsoft Exchange Server 2003 and Microsoft Exchange Server 2003 Service Pack 1 (uses the Windows OLE component)
• Microsoft Exchange Server 5.0 Service Pack 2 (uses the Windows OLE component)
• Microsoft Exchange Server 5.5 Service Pack 4 (uses ... Read more

A:Vulnerability in OLE and COM Could Allow Remote Code Execution

Unsticking now
 

Read other 1 answers
RELEVANCY SCORE 133.6

Hello everyone,

I hope all is well with you this day.

Last night I seemed to have picked up a bug.

I'm not sure just how to get rid of it.

neos_1
I'm running Windows XPSP2
 

Read other answers
RELEVANCY SCORE 133.2

I am using windows server 2019 terminal server and can't find remote desktop service manager mmc to manage active session. If it is discontinued, is there any other tools I can use to manage sessions on terminal servers.

Read other answers
RELEVANCY SCORE 132

Hiya

A remote code execution vulnerability exists within the Network News Transfer Protocol (NNTP) component of the affected operating systems. This vulnerability could potentially affect systems that do not use NNTP. This is because some programs that are listed in the affected software section require that the NNTP component be enabled before you can install them. An attacker could exploit the vulnerability by constructing a malicious request that could potentially allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system
Affected Software:

• Microsoft Windows NT Server 4.0 Service Pack 6a
• Microsoft Windows 2000 Server Service Pack 3 and Microsoft Windows 2000 Server Service Pack 4
• Microsoft Windows Server™ 2003
• Microsoft Windows Server 2003 64-Bit Edition
• Microsoft Exchange 2000 Server Service Pack 3 (Uses the Windows 2000 NNTP component)
• Microsoft Exchange Server 2003 and Microsoft Exchange Server 2003 Service Pack 1 (Uses the Windows 2000 or Windows Server 2003 NNTP component)

http://www.microsoft.com/technet/security/bulletin/ms04-036.mspx

Regards

eddie
 

Read other answers
RELEVANCY SCORE 132

Hiya

A remote code execution vulnerability exists in SNMP Service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

Affected Software:

• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition

http://www.microsoft.com/technet/security/bulletin/ms06-074.mspx

Regards

eddie
 

Read other answers
RELEVANCY SCORE 130.8

Hiya
A remote code execution vulnerability exists in Excel. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of the affected system.

Affected Software:

• Microsoft Office 2000 Software Service Pack 3
• Excel 2000

• Microsoft Office XP Software Service Pack 2
• Excel 2002

• Microsoft Office 2001 for Mac
• Excel 2001 for Mac

• Microsoft Office v. X for Mac
• Excel v. X for Mac

http://www.microsoft.com/technet/security/bulletin/ms04-033.mspx

Regards

eddie
 

Read other answers
RELEVANCY SCORE 130.8

Hiya

A remote code execution vulnerability exists in MSN Messenger that could allow an attacker who successfully exploited this vulnerable to take complete control of the affected system.

Affected Software:

• MSN Messenger 6.2

http://www.microsoft.com/technet/security/Bulletin/MS05-022.mspx

Regards

eddie
 

A:Vulnerability in MSN Messenger Could Lead to Remote Code Execution

unsticking
 

Read other 1 answers
RELEVANCY SCORE 129.2

F-Secure has patched a remote code execution vulnerability that affected several of its security products and exposed users to drive-by download attacks.

The buffer overflow vulnerability was discovered by security consultant Anil Aphale, aka 41.w4r10r, and is located in the F-Secure Gadget Resource Handler ActiveX Control (fsresh.dll).

According to vulnerability management vendor Secunia, which rates this vulnerability as highly critical, the flaw is caused by a boundary error in the handling of the "initialize()" method.

The vulnerability can be exploited by tricking victims into visiting a specially-crafted web page using Internet Explorer.

F-Secure Anti-Virus 2010 and 2011, F-Secure Internet Security 2010 and 2011, as well as products based on F-Secure Protection Service for Consumers version 9 and F-Secure Protection Service for Business - Workstation security version 9 are affected by this flaw.Click to expand...

Read More

F-secure Security Advisory

Secunia Link
 

A:Remote Code Execution Vulnerability Patched in F-Secure Antivirus

I always wonder how secure our security software is. It's why I hate 3rd party security.
 

Read other 2 answers
RELEVANCY SCORE 129.2

Hiya

A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles Advanced Systems Format (ASF) files. An attacker could exploit the vulnerability by constructing specially crafted Windows Media Player content that could potentially allow remote code execution if a user visits a malicious Web site or opens an e-mail message with malicious content. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles certain elements contained in Advanced Stream Redirector (ASX) files. An attacker could exploit the vulnerability by constructing a specially crafted ASX file that could allow remote code execution if a user visits a malicious Web site, where specially crafted ASX files are used to launch Windows Media player, or if a user clicks on a URL pointing to a specially crafted ASX file. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Affected Software:

• Microsoft Windows Media Format 7.1 through 9.5 Series Runtime on the following operating system versions:

• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 or Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 x64 Edition

• Microsoft ... Read more

Read other answers
RELEVANCY SCORE 125.6

Yesterday I get a notice to install this to avoid a hijacker like wannacry. Found several items about it on the net, all advising to install it, including Microsoft site, but none had a link. Used link on Advanced System Care to install it, and it caused nothing but problems. Mainly blank pages on browsers and Windows Update. Did a restore and am back to normal. Tried a method of seeing if it is needed by checking System 32 dll but could not get the result that was supposed to appear. So what the hell is going on here and should anything need to be done? Running Windows 7 Home Premium, important updates always installed.

Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 4
RAM: 6070 Mb
Graphics Card: Intel(R) G33/G31 Express Chipset Family, 256 Mb
Hard Drives: C: 560 GB (451 GB Free);
Motherboard: LENOVO, To be filled by O.E.M.
Antivirus: Microsoft Security Essentials, Enabled and Updated
 

Read other answers
RELEVANCY SCORE 125.6

Hi All,
I tried to find the update to Windows Vista mentioned in article below:
https://support.microsoft.com/en-us/help/4499180/windows-server-2008-update-kb4499180
In article says the is support do WinVista, but when access the Microsoft Catalag, no exists the option to this version:
https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/

Anyone know if Microsoft will release version to Windows vista?
regards.






Read other answers
RELEVANCY SCORE 125.2

hi i think i have this.... virusAdobe Flash Player CVE-2010-2884 Unspecified Remote Code Execution Vulnerability .....i do know i have a virus as my computer keeps crashing and restarting(75% of the time) when i try to start up internet explorer. also i feel i my have more than 1 virus. i have no idea what to do and it also stops me from getting into certain programs in run cmd. ive tried youtube, self help sites etc and i cant do nothing im asked as things dont happen the way they should. im semi computer literiate, and can follow instructions but im sure this virus is stopping anything im trying to do. i use norton 360 and its not detecting anything, so i spoke to their online support and the guy said it sounds like i do have a virus but they want ?70 to fix it. ofc i was livid as ive already paid them ?99 to stop virus's in the first place and i have tried to fix it myself. im now thinking of dumping this laptop which ive only had for about 7 months and buying a new one as i use internet banking and paypal etc. any help would be highly appreciated as your will be saving me money on a new computer.thanks. also obviously norton is a pile of ****, any suggestions of my next anti virus?

A:Adobe Flash Player CVE-2010-2884 Unspecified Remote Code Execution Vulnerability

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 124.4

Hello,
If you have download the recent cve-2019-0708 patch, should it show up under the "show updates" option in Add or Remove Programs on Windows XP (running service pack 3)?
If not, what's the best way to check if cve-2019-0708 has been installed?
Thank you!

Read other answers
RELEVANCY SCORE 121.6

Hello.
I would like to know if i need a security update or patch to solve CVE-2019-0708 on Windows Embedded Compact V7.0, like KB4499175 for Windows 7 ultimate SP1, or KB4500331 for Windows XP.
Maybe i dont need to install anything because this version os Windows is not vulnerable to that problem, but im not sure.
Thanks in advance.
Yours, Fernando,

Read other answers
RELEVANCY SCORE 121.6

I am unable to find the details of the patch that was released for CVE-2018-8115. Can someone please provide the link?

Read other answers
RELEVANCY SCORE 117.6

Hiya

Putting this in here, in case other miss it, as its also in Security. Sticking for a week

A remote code execution vulnerability exists in Step-by-Step Interactive Training because of the way that Step-by-Step Interactive Training handles bookmark link files. An attacker could exploit the vulnerability by constructing a malicious bookmark link file that could potentially allow remote code execution if a user visited a malicious Web site or opened a malicious attachment that was provided in an e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, user interaction is required to exploit this vulnerability.
Affected Software:

• Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
• Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium)
• Microsoft Windows XP 64-Bit Edition Version 2003 (Itanium)
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based
• Microsoft Windows Server 2003 x64 Edition

http://www.microsoft.com/technet/security/Bulletin/MS05-031.mspx

Regards

eddie
 

A:Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution

Unsticking now
 

Read other 1 answers
RELEVANCY SCORE 108.8

I have some white / blank box that appears in Outlook 2019 / Excel 2019 after my computer goes to sleep. The only way to get it to go away is restarting Outlook / Excel. Any ideas how to fix this?It wasn't happening with my old Yoga 3 Pro... but since I got my new Yoga 920 it's happenning....and it's REALLY ANNOYING!

A:Lenovo YOGA 920 (92013IKB) - White Box in Outlook 2019 / Excel 2019 after computer goes to sleep

MORE DETAILS from another user reporting the same problem...https://answers.microsoft.com/en-us/windows/forum/all/windows-10-1809-cannot-change-screen-brightnes... Windows 10 1809: floating white shapes on screenAfter updating to Windows 10 version 1809, I have experienced several strange issues with my display. I am using a Lenova Yoga 920 laptop. These problems go away after rebooting the computer, but then re-emerge after using the computer for a while, and persist until I reboot again. It is getting very irritating, and interfering with my work.  - A mysterious floating white circle appeared on my desktop background. I cannot click on or interact with it, and changing the desktop background does not remove the circle. Then, a second circle appeared. Now, there is also a floating white rectangle. The rectangle poses the biggest issue, because it remains on TOP of whatever other windows I have open, constantly obstructing part of my screen unless I reboot the computer. The circles remain on the desktop background. I have attached a picture of these weird white artifacts on my display. Things I have already tried:- Installing all available Windows patches and updates- Updating graphics driver- Checking/unchecking auto-brightness settings

Read other 1 answers
RELEVANCY SCORE 102.4

Hi everyone,
Our Nessus scanner detected the following vulnerability :


Description
<section>

The version of Microsoft Malware Protection Signature Update Stub (MpSigStub.exe) installed on the remote Windows host is prior to 1.1.16200.1. It is, therefore, affected by a elevation of privilege vulnerability which could allow an attacker who successfully
exploited this vulnerability to elevate privileges on the system.

</section>
Solution
<section>

Enable automatic updates to update the scan engine for the relevant antimalware applications. Refer to Knowledge Base Article 2510781 for information on how to verify that MMPE has been updated.

</section>
Plugin Output
<section>
Product : Microsoft Malware Protection Signature Update Stub
Path : C:\Windows\System32\MpSigStub.exe
Installed version : 1.1.15000.2
Fixed version : 1.1.16200.1
</section>
I don't understand how to fix that issue, is there any patches ?
Regards,
Lucas

Read other answers
RELEVANCY SCORE 102.4

Hi, Guys.
Are critical security updates for CVE-2019-1367 considered an out-of-band updates and should be deployed to all applicable systems as an emergency or should be applied as part of normal patching cycle?
Thank you.

Read other answers
RELEVANCY SCORE 102.4

Realtek Audio driver has a vulnerability where you can load malware as DLL with NT AUTHORITY\SYSTEM permissions. https://www.bleepingcomputer.com/news/security/realtek-fixes-dll-hijacking-flaw-in-hd-audio-driver-f...https://safebreach.com/Post/Realtek-HD-Audio-Driver-Package-DLL-Preloading-and-Potential-Abuses-CVE-...https://www.realtek.com/images/safe-report/PM_Realtek_Audio_Drivers_for_Windows_DLL_preloading_and_p... According to Realtek, drivers version 8555 and older are affected.We have several Lenovo models with Realtek audio drivers where version number seems to indicate an older Realtek audio driver version than 8855, for instance Lenovo ThinkPad T470s (20HF0001MX) with driver updated 191014 with version number 6.0.8777.1. Are Lenovo supplied drivers for Realtek Audio affected by CVE-2019-19705?

Read other answers
RELEVANCY SCORE 101.6

Can somebody explain this a little better for me. Say for example you have something like the windows gadgets that can be exploited using remote code. Can the gadgets still be exploited if you do not visit any malicious websites or install any malware executables?
And if they still can,then how?

A:Remote code execution

Remote code means what it says.  The application can be exploited and run code from a remote source.  The extent of the remote code vulnerability will vary by vulnerability.  Some may only need the device connected to a public IP address, some may need something more.
 
This was the best I could find, in a quick search, about the Windows gadget vulnerability.  Basically "Microsoft has said that it has discovered that some Vista and Win7 gadgets don’t adhere to secure coding practices and should be regarded as causing risk to the systems on which they’re run."  So it isn't gadgets in particular, just that a "bad" gadget could be created and there isn't a lot in place in the gadget portion of Windows that protects you against it.

Read other 3 answers
RELEVANCY SCORE 100.8

Users of Windows Vista and Windows 7 have been advised to completely disable their Windows Sidebar and Gadgets, in response to what appears to be a serious security risk.

Microsoft Security Advisory (2719662): Vulnerabilities in Gadgets Could Allow Remote Code Execution

See also: Microsoft Urges Users to Shut Down Windows Gadgets or Risk Attack

A:Gadgets Could Allow Remote Code Execution

This was posted by Brink in the News forum Microsoft Urges Users to Shut Down Windows Gadgets or Risk Attack
, but i think it's good to have a post here so more people might see this.

Do you tell people they should stop using Gadgets because of a Security issue?

I don't use them, but i know and help (non-tech) people that do use them and love them...but i can only cry Wolf so many times

Read other 9 answers
RELEVANCY SCORE 100

So few days ago at night my computer fans got louder than usual and i just closed my computer but after that night my cpu usage and overall performance has gone worse than what it has ever been.
I can barely keep software's up anymore without them slowing down my whole computer and i'm not sure if it's all because this update that has keep failing and the fact that my computer isn't up to date without it.

Things i have tried to fix the cpu usage/ windows update problem:
?disabled most startup programs
?did sfc/scannow but it didn't help
?ran all avast cleanups (no viruses found)
?re installed avast and avast cleanup 
?disabled some unnecessary parts of avast to help with cpu but it didn't fix the problem
?made sure that there isn't multiple antivirus
softwares up at the same time
?opened up my computer case and cleaned fans,case etc from dust (i think this helped a bit with the cpu but my computer still can't handle any games that it was able to handle
few days ago)
?tried downloading and manually installing the update but even then it failed
?ran Windows Update troubleshooter and tried to
fix windows updates but it didn't help either
?disabled superfetch but it didn't do anything so i turned
it back on

+ my computer has 201 Gt of free space so i don't think that's causing the cpu problem either.
i'd be really happy if someone could help me with these issues that i am facing.

Read other answers
RELEVANCY SCORE 99.6

MS09-003 (Critical) BulletinMS09-005 (Important 3X Vulnerability) BulletinShould be covered in Windows Updates within tonight and tomorrow, or next day (2-12).More vulnerabilities

Read other answers
RELEVANCY SCORE 99.6

I opened an e-card and it installed a program that runs pop-up ads when keywords are detected. This is hitting a lot of people. The ads are for, of course, various porn sites; most often for "nitechat."
Here is info on the scam:

http://www.der-keiler.de/Mailing-Lists/securityfocus/incidents/2002-09/0179.html

Here is another site that has removal instructions:

http://and.doxdesk.com/parasite/Cytron.html

PLEASE! Can someone please provide me with step by step instructions on how I can recognize and remove this exe file! I am running Windows XP home ed.
THANX!
 

A:E-Card remote code execution scam...HELP!

Read other 7 answers
RELEVANCY SCORE 99.2

Microsoft Windows and about 40 applications that run on it are vulnerable to remote-code execution attacks that are "trivial" to carry out, a noted security researcher warned Wednesday.The flaw involves the way Windows loads "safe" file types from remote network locations, and is almost identical to one that Apple excised in iTunes last week: http://support.apple.com/kb/HT4105 , H D Moore, CSO and chief architect of the Metasploit project, told The Register. He said the bug is ?trivial? to remotely exploit, but wasn't authorized to provide additional details about techniques or other vulnerable applications.scforum.infoFound this, enjoyKarsten

Read other answers
RELEVANCY SCORE 97.6

Hiya

This is two-fold:

A vulnerability exists in Microsoft Word that could allow an attacker to run arbitrary code on a users system.
If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges.
Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
A vulnerability exists in Microsoft Word that could allow an attacker to run arbitrary code on a users system.
If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges.
Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
Affected Software:

• Microsoft Word 2000 and Microsoft Works Suite 2001
• Microsoft Word 2002, Microsoft Works Suite 2002, Microsoft Works Suite 2003, and Microsoft Works Suite 2004
• Microsoft Office Word 2003

http://www.microsoft.com/technet/security/Bulletin/MS05-023.mspx

Regards

eddie
 

A:Vulnerabilities in Microsoft Word May Lead to Remote Code Execution

unsticking
 

Read other 1 answers
RELEVANCY SCORE 97.6

badpack3t announced the discovery of a so far unpatched vulnerability in Windows XP SP2. The vulnerability in due to a flaw in the remote desktop assistant. This service is NOT FIREWALLED in XP SP2's default firewall configuration. badpack3t was able to cause a blue screen. However, there is a chance that this could be used to execute code remotely. RDP uses port 3389 TCP. In one MSFT document, 3389 UDP is mentioned, but we could not verify that RDP listens on 3389 UDP. Our sensors did see a slight increase in port 3389 TCP scanning starting about two weeks ago. The increase is small, and somewhat consistent with a small number of new scanners.The remote desktop assistant should be turned off if it is not needed. This only applies to XP SP2 and you can do this by:1. Right mouse clicking on My Computer, selecting Properties2. Then select the Remote tab. 3. From there you can uncheck options to turn off the Remote Assistant capabilities if they are not needed.More links below:Windows XP SP2 vulnerability - Remote Desktop AssistantSecunia Advisory on DoS potentialImmunity Security Notice

A:Windows XP SP2 vulnerability - Remote Desktop

Microsoft Advisory on the Vulnerability in RDP Microsoft has released a security advisory on the vulnerability in Remote Desktop Protocol (RDP). Their initail investigation has confirmed the DoS vulnerability. Services that utilize RDP are not enabled by default, but Remote Desktop is enabled by default on Windows XP Media Center Edition. The advisory has provided the following workarounds: * Block TCP port 3389 at the firewall. * Disable Terminal Services or the Remote Desktop feature if they are not required. * Secure Remote Desktop Connections by using an IPsec policy. * Secure Remote Desktop Connections by employing a Virtual Private Network (VPN) connection.

Read other 2 answers
RELEVANCY SCORE 94.4

Hello Team,

Please advice me what kind of steps need to take for  ATA issue like..
1.dns services .
2.directory services 
3.remote desktop services.

we have 70 to 80 medium tickets  what would be the best resolution for this things

Read other answers
RELEVANCY SCORE 94.4

OS: Win8 64bit (My desktop is Win8, my laptop is Win7. We're dealing with the desktop here.)
Where I am: university network, but these features seem to be working with my laptop.
Things I've checked: allowing services through Windows Firewall (Bonjour, WMC services, etc.)
Allowing remote services in System Properties
Many, many existing threads and non-solutions
How I'm feeling:

None of these features or applications work, and they're all supposed to function differently from one another (e.g. WMC doesn't use the Apple Bonjour service, so it isn't a program-specific problem). I just want to control my media system with my desktop
Is there some obscure service or file or setting that I'm missing that could prevent any remote applications?

A:Remote features not working -remote desktop, WMC, iTunes remote, etc.

Let's focus on "remote desktop". Can someone remotely access it from the internet?
If not: Can someone remotely access it from same LAN?

Read other 8 answers
RELEVANCY SCORE 93.6

Hiya

An identified security vulnerability in Microsoftฎ Windows 2000ฎ could allow an attacker to take control of the computer. This issue is most likely to affect computers used as Web servers. You can help protect your computer from this and other identified issues by installing this update from Microsoft.
System Requirements
Supported Operating Systems: Windows 2000

Windows 2000 Professional
Windows 2000 Server
Windows 2000 Advanced Server
Internet Information Server 5.0
http://www.microsoft.com/downloads/...45-5145-4844-b62e-c69d32ac929b&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 92.4

I recently installed ATA in our environment.  It has generated a few alerts, and so far I've been able to identify and mitigate the issue based on the information in the alert.  This morning I came in to an alert that doesn't include much detail,
and I'm not sure how to proceed.  
The alert reads as follows: 
Remote execution attempt detected
The following remote execution attempts were performed on DC_A from SERVER_B:

Attempted remote creation of one or more services
2/3/17 10:04 PM > 2/5/17 10:04 PM

Viewing the Details pane doesn't offer any useful details either.  It shows the computer SERVER_B at the top, with columns below:
Accounts      Created                        Result          Via Domain Controllers (1)
Unknown     Unknown Service       Unknown     DC_A

I'm going to go look at the event logs on the servers from the referenced time, but does anyone have experience with alerts of this nature or suggestions on where to go from here?

Read other answers
RELEVANCY SCORE 92

DELETED
Apparently The Content I posted was Violation of the Rules.
Simple Mistake, It won't happen again.

A:How to Keep Getting Security Updates Until 2019

IBTL! You do realize this violates the EULA and T.O.S.?

Read other 4 answers
RELEVANCY SCORE 91.2

Hi

I know there are other products out there, like vnc, ultravnc, teamviewer etc etc, but really nothing beats the sheer speed of remote desktop, it's like sitting in front of the actual computer. I also know about Remote Assistance built into Windows 7.

I would like to use remote desktop to do the following if possible.

1. I would like to know if there is a way, to not lock the host machine that you are connected to?, so the user can see what you are doing?.

2. Is there a way that Remote desktop can be used without logging off the logged in account?, or just use the logged in account?

I would like to use Remote Desktop for a remote helpdesk solution if possible. If anyone knows how to do this things I am asking it would be the people on this board.

A:Using Remote Desktop instead of Remote Assistance for remote helpdesk?

Might be possible to do it. I think you need some sort of security.

Read other 8 answers
RELEVANCY SCORE 90.4

Dear All, I installed trial version of PC wash in my computer running Vista x64 Home Edition. during scanning it asked to me disable some services, so i disabled them and then some menus were hidden from me. then i uninstalled the software but still those thing r disabled or completly not appearing.
as an example, Remote Desktop Connection, Services, Component Services, Disk Defrag, Schedule, Disk Clean up and much features are not appearing in accessories menu.
I think i disabled services which caused this, can any one help me please how to enable those services again?

A:Remote Desktop and Services does not appear

Are you able to System Restore to a date before you installed the program?

Read other 2 answers
RELEVANCY SCORE 89.2

I made the choice to reinstall W7 after finding my pc picked up Trojan Dropper/Gen-C according to Superantispyware. After installation I disabled unneeded/unwanted services, one of which is Remote Desktop Services. I did this on the original installation with no glitches. With the reinstall, this particular service 'resets' itself to the default(Automatic/Started)after every reboot even though I disable it. I have to re-disable it every time. According to Task Manager, any remote services listed are still Stopped when this happens so I can't figure this out - any help or suggestions would be much appreciated.

A:Can't disable Remote Desktop Services

Are you trying to disable it in msconfig or in services.msc?

Read other 3 answers
RELEVANCY SCORE 89.2

Hello,
I would like to setup a PC running Windows 7 Pro as a Remote Desktop Services kiosk.
Users will login using their own credentials, Internet Explorer should then launch automatically to our RDS page, where they will then be able to login to an RDS session, also with their own credentials.  They should not be able to do anything else
on the kiosk machine except logout or restart the computer.
I have successfully made a kiosk machine using Group Policy, but this was for a single "guest" user.  Since multiple users will be logging in using their own credentials, I am unable to "lock down" the machine using the User
Configuration of the GPO. This is because the User Configuration's restrictions would carry over with the users to the RDS session.
I only need the kiosk system locked down, not the RDS session and I don't want to use third party software if possible.
Using the Computer Configuration for a GPO I can easily make the computer launch Internet Explorer in kiosk mode as well as point it to our RDS login page.  The problem is, any savvy user can Alt-F4, or Control-N, or do various other things to take
the computer out of a full screen kiosk Internet Explorer.
If this works well, we will then deploy the GPO (or whatever) to around 100 PCs on our network.
Any help or suggestions would be greatly appreciated!
Thanks.

Read other answers
RELEVANCY SCORE 89.2

Help? Sort of a new one to me... On my network...All workstations are Windows XP (mostly running SP2), and a few Windows 2000 workstaions. All Servers are Windows 2003, with 1 or 2 remaining Windows 2000 Servers still being used... I have been experiencing a problem lately with a few computers, in that they cannot connect to a remote computer using remote desktop or Terminal Services...When I shadow one of the workstations I can see that there is an issue, and when I try to log into the remote computer as the user, as myself (domain admin) or as the administrator I get the same error message (cannot connect, verify the username and password are correct, etc). This troubles me as I can connect to the same remote computer from my workstation... Using my account or the users account. If I look in terminal services manager on the server that cannot be logged into, I see there are active sessions (not all licenses are being used), so that is not an issue. I was able to fix one of the computers last week with this issue by formatting and reloading the os and all related applications, but clearly, there has to be another way. help!
 

Read other answers
RELEVANCY SCORE 88.4

Hi everyone,

I recently bought a new computer with a Win7 Professional OS. And I've been using Remote Desktop Connection to connect to our server. In that server also includes our corporate email (Outlook 2007). My question is this, Why is it I cannot see my files when I'am trying to attach it to my email? I already tweak it with Take Ownership. I can see my name under Users folder but after I open my names folder, I cannot see the other folders My Documents, Pictures etc...

Help!

Thanks in advance,
Bombet

A:Remote Desktop services on Windows 7 Professional

Welcome!

I guess I am a little confused about your problem. Could you please give a few more details and explain the situation again?

You might find that a picture is worth a thousand words. In that case, consider taking a screenshot and uploading it to this site. See this link: http://www.sevenforums.com/tutorials...en-forums.html

Thanks,
~JK

Read other 5 answers
RELEVANCY SCORE 88.4

While I was trying to figure out why ehtray was popping up at startup and looking through my services. Not only were "Windows media center receiver service" and "windows media center scheduler service" set to automatically start for some reason, but "remote desktop services" was set to automatically start as well, and under status it said 'started'
 
I stopped the service and set it back to manual, went to 'system' and 'allow remote access', somehow that had been checked as well.
 
To my knowledge, none of these settings are suppose to be on by default, and I know I certainly didn't turn them on. Not long ago I ran windows repair at the advice I received in another thread, it fixed the issues I was having then, but would it have changed these settings too?

A:remote desktop services set to automatic/started?

In the future...please do not initate topics about the same basic issues.
 
See post at http://www.bleepingcomputer.com/forums/t/579670/ehtrayexe-pops-up-at-startup-and-goes-away/?p=3737796 .
 
Louis

Read other 1 answers
RELEVANCY SCORE 88.4

Hello everyone

im running win xp sp2 on three home pcs
for ease, i will use three names: MainPC, Laptop, Spare

im trying to connect to each of them through remote desktop.
all three are connected through router

when i forward port 3389 to Laptop ip in router settings, i can connect to it using the other two
also the case when i forward port 3389 to Spare ip.
when testing these ports on canyouseeme.org, there is no problems.
also no problems with testing telnet [ip] 3389 in command prompt
terminal services is started on Laptop and on Spare

however, when i forward port 3389 to MainPC, i cannot connect to it through the other two computers using remote desktop.
the error message is

"The client could not connect to the remote computer.
Remote connections might not be enabled or the computer might be too busy to accept new connections. It is also possible that networs problems are preventing your connection. Please try again later."

when testing canyouseeme.org for port 3389 on MainPC, i get Error: Connection Refused.

When checking is terminal services is started using services.msc, it IS NOT started, and when i do start it, i get this message:
"The terminal services service on local computer started and then stopped. Some services stop automatically if they have no work to do, for example, the Performance logs and alerts services."

i have checked dependencies of this service, and all dependencies are started.
netstat -a has shown 3389 IS NOT listenin... Read more

A:Cannot Start Terminal Services/Use Remote Desktop (WXP)

Read other 6 answers
RELEVANCY SCORE 87.2

·                                                                                                                                                                                            
I haI have been accessing one of my windows 7 remotely using RDC. For some reasons  I can’t access it any more with this message:  
"Remote Desktop cannot verify the identity of the remote computer because there is a time or date difference
between your computer and the remote computer. Make sure your computer's clock is set to the corr... Read more

A:Remote Desktop cannot verify the identity of the remote computer because there is a time or date difference between your computer and the remote computer

Ours was a DNS issue.  Someone put an entry in the wrong firewall.
 

Read other 15 answers